mirror of
https://github.com/RoboSats/robosats.git
synced 2024-12-13 19:06:26 +00:00
Users stay logged in when re-entering home if there is an active order or is an old account
This commit is contained in:
parent
5e0639cfb3
commit
ce9845cbc2
@ -20,6 +20,9 @@ RoboSats is a simple and private way to exchange bitcoin for national currencies
|
||||
## Contribute to the Robotic Satoshis Open Source Project
|
||||
See [CONTRIBUTING.md](CONTRIBUTING.md)
|
||||
|
||||
## Original idea
|
||||
A simple, custody-minimized, lightning exchange using hold invoices is heavily inspired by [P2PLNBOT](https://github.com/grunch/p2plnbot) by @grunch
|
||||
|
||||
## License
|
||||
|
||||
The Robotic Satoshis Open Source Project is released under the terms of the AGPL3.0 license. See [LICENSE](LICENSE) for more details.
|
||||
|
23
api/views.py
23
api/views.py
@ -315,14 +315,21 @@ class UserView(APIView):
|
||||
Response with Avatar and Nickname.
|
||||
'''
|
||||
|
||||
# if request.user.id:
|
||||
# context = {}
|
||||
# context['nickname'] = request.user.username
|
||||
# participant = not Logics.validate_already_maker_or_taker(request.user)
|
||||
# context['bad_request'] = f'You are already logged in as {request.user}'
|
||||
# if participant:
|
||||
# context['bad_request'] = f'You are already logged in as as {request.user} and have an active order'
|
||||
# return Response(context,status.HTTP_200_OK)
|
||||
# If an existing user opens the main page by mistake, we do not want it to create a new nickname/profile for him
|
||||
if request.user.is_authenticated:
|
||||
context = {'nickname': request.user.username}
|
||||
not_participant, _ = Logics.validate_already_maker_or_taker(request.user)
|
||||
|
||||
# Does not allow this 'mistake' if an active order
|
||||
if not not_participant:
|
||||
context['bad_request'] = f'You are already logged in as {request.user} and have an active order'
|
||||
return Response(context, status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
# Does not allow this 'mistake' if the last login was sometime ago (5 minutes)
|
||||
if request.user.last_login < timezone.now() - timedelta(minutes=5):
|
||||
context['bad_request'] = f'You are already logged in as {request.user}'
|
||||
return Response(context, status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
|
||||
token = request.GET.get(self.lookup_url_kwarg)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user